An identification and prevention of theft-of-service attack on cloud computing

摘要

Cloud computing, an emerging paradigm, has shifted the shape of computing models from technology to a utility. However, data integrity, privacy, trust and secure cloud infrastructure are amongst the major issues which can subvert the wide benefits and deployment of cloud computing. Cloud computing uses virtualization to provide scalable, efficient and low cost IT services to users. The back bone of virtualization is hypervisor which mapped logical hardware with physical hardware and make one computer appear as many. Hypervisor vulnerabilities can favor the attacker to use the VM (virtual machine) for a longer period and pay less amount by resetting/manipulating the variables (i.e. which store CPU and memory etc. usage of VM, used by user, to charge him at the end) resulting in an attack called theft-of-service attack. This attack, caused by stealing VM, can affect the cloud infrastructure financially as well as there will be no record of user's activity during his stay on cloud which lead to a greater risk to success of cloud computing. In this paper, we investigated the limitations of Kernel Virtual Machine together with the QEMU emulator in private cloud and provided the solution, in term of an API based VM's power consumption that will identify and prevent theft-of-service attack. This solution has been implemented in a private cloud to determine the efficiency of proposed API. We concluded that our API can detect and prevent theft-of-service attack in cloud with respect to different scenarios.